Learn how the CSAM Scanning Tool helps prevent the spread of CSAM.
The Child Sexual Abuse Material (CSAM) Scanning Tool allows website owners to proactively identify and take action on CSAM located on their website. By enabling this tool, Cloudflare will compare content served for your website through the Cloudflare cache to known lists of CSAM. These lists are provided to Cloudflare by leading child safety advocacy groups such as the National Center for Missing and Exploited Children (NCMEC).
Remember, by enabling the Service, you agree to the Supplemental Terms for the CSAM Scanning Tool. You agree to use this tool solely for the purposes of preventing the spread of CSAM.
Why would a URL be blocked?
Because knowingly distributing or viewing CSAM is illegal, the owner of the website has enabled Cloudflare's CSAM scanning tool to proactively identify and block images identified as CSAM located on their website.
Configuring the CSAM scanning tool
To enable the tool, go to the Cache Configuration section of the dashboard. When enabling the tool, you must provide an email address.. This email address will be used to both notify you in the event Cloudflare detects a positive match, and to provide NCMEC with contact information in the event they need more information about the content Cloudflare reports to them.
Additionally, you can configure which hashlists Cloudflare should compare against for potential matches. The two options are:
- NCMEC NGO - A set of image hashes provided by NCMEC gathered from non-governmental organizations.
- NCMEC Industry - A set of image hashes provided by NCMEC sourced from industry reports. Note that this list has the potential for slightly more false positives.
What happens when a match is detected
Three things happen when a potential match is detected with the tool:
1. A report is filed to NCMEC. This report includes the following: -The email address you provided when setting up the tool so that NCMEC can reach out for further information if required -The url of the matched content -The date and time the content was identified by the tool
2. An email is sent to you to inform you of the detection and the report. This email will include: -The url of the content that was matched -The ID of the report that was filed with NCMEC -Additional information on how to reach out to Cloudflare or provide further information to
3. If possible, a firewall block is placed to prevent further serving of the matched content.
What action should I take when a match is detected
You likely have additional obligations to remove the content that is reported to you and to preserve some information about it. NCMEC may reach out to you directly about a report.
You can find additional information about your legal obligations at https://www.missingkids.org/gethelpnow/cybertipline. For any report you receive, you can also file a report with additional information (referencing the Report ID provided in the notification) via the CyberTipline at https://report.cybertip.org/.
Cloudflare may have proactively blocked this material from being served by our network until you are able to remove the material from your origin. In the event that Cloudflare was unable to proactively block this material, as the website owner, you may still have legal obligations to disable access to this material.
If you have any questions about a report you receive or want help to remove a block once you have removed the flagged content, you can reach out to [email protected] for assistance.